jotsheet

Over the past few days, I’ve gotten hit with a couple of nasty TrackBack spams. It’s not overwhelming (yet), but I think the spammers are up to something new.

My humble mt_antispam_rename.pl script had been enough to keep them in check over the past few months. The idea upon which the script is predicated is simple: as long as the spammers are not operating in real-time and must spider a site (similar to a search engine), one can avoid their spam carpet-bombing by skittering around with random movements and file renames.

This seems not to be 100% effective any longer. I can’t be sure why, but my guess is that they’re operating in real-time now, or close to it. Once they identify a list of blogs to target, their spamming program can grab the TrackBack URL from the RDF metadata. As a result, my technique of changing the random number in the TrackBack URL is rendered ineffective.

By the same token, I know that my technique is still avoiding a lot of TB spam. Glancing at the logs, I can see many failed requests for /mt/trackback.r258.cgi, /mt/trackback.r800.cgi, and other old TB URLs. This means that many of the spammers are still using a method that allows me to avoid them with a daily rename.

In any event, I may soon need to look elsewhere for stronger anti-spam protection, and the first place I’ll go will be Brad Choate’s SpamLookup project.

Share This